AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2025-06-28 · Documentation medium

File: cli/latest/reference/qbusiness/update-data-accessor.md

Summary

Added new '--authentication-detail' parameter with IAM Identity Center authentication configuration options for data accessors

Security assessment

The change documents authentication methods (AWS_IAM_IDC_TTI and AWS_IAM_IDC_AUTH_CODE) for data accessors but does not indicate a security vulnerability fix. It adds security-related documentation about authentication configuration.

Diff

diff --git a/cli/latest/reference/qbusiness/update-data-accessor.md b/cli/latest/reference/qbusiness/update-data-accessor.md
index 222c4cef4..12e30794f 100644
--- a//cli/latest/reference/qbusiness/update-data-accessor.md
+++ b//cli/latest/reference/qbusiness/update-data-accessor.md
@@ -15 +15 @@
-  * [AWS CLI 2.27.42 Command Reference](../../index.html) »
+  * [AWS CLI 2.27.45 Command Reference](../../index.html) »
@@ -69,0 +70 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/qbusin
+    [--authentication-detail <value>]
@@ -1492,0 +1494,55 @@ JSON Syntax:
+`--authentication-detail` (structure)
+
+> The updated authentication configuration details for the data accessor. This specifies how the ISV will authenticate when accessing data through this data accessor.
+> 
+> authenticationType -> (string)
+>
+>> The type of authentication to use for the data accessor. This determines how the ISV authenticates when accessing data. You can use one of two authentication types:
+>> 
+>>   * `AWS_IAM_IDC_TTI` \- Authentication using IAM Identity Center Trusted Token Issuer (TTI). This authentication type allows the ISV to use a trusted token issuer to generate tokens for accessing the data.
+>>   * `AWS_IAM_IDC_AUTH_CODE` \- Authentication using IAM Identity Center authorization code flow. This authentication type uses the standard OAuth 2.0 authorization code flow for authentication.
+>> 
+
+> 
+> authenticationConfiguration -> (tagged union structure)
+>
+>> The specific authentication configuration based on the authentication type.
+>> 
+>> ### Note
+>> 
+>> This is a Tagged Union structure. Only one of the following top level keys can be set: `idcTrustedTokenIssuerConfiguration`.
+>> 
+>> idcTrustedTokenIssuerConfiguration -> (structure)
+>>
+>>> Configuration for IAM Identity Center Trusted Token Issuer (TTI) authentication used when the authentication type is `AWS_IAM_IDC_TTI` .
+>>> 
+>>> idcTrustedTokenIssuerArn -> (string)
+>>>
+>>>> The Amazon Resource Name (ARN) of the IAM Identity Center Trusted Token Issuer that will be used for authentication.
+> 
+> externalIds -> (list)
+>
+>> A list of external identifiers associated with this authentication configuration. These are used to correlate the data accessor with external systems.
+>> 
+>> (string)
+
+Shorthand Syntax:
+    
+    
+    authenticationType=string,authenticationConfiguration={idcTrustedTokenIssuerConfiguration={idcTrustedTokenIssuerArn=string}},externalIds=string,string
+    
+
+JSON Syntax:
+    
+    
+    {
+      "authenticationType": "AWS_IAM_IDC_TTI"|"AWS_IAM_IDC_AUTH_CODE",
+      "authenticationConfiguration": {
+        "idcTrustedTokenIssuerConfiguration": {
+          "idcTrustedTokenIssuerArn": "string"
+        }
+      },
+      "externalIds": ["string", ...]
+    }
+    
+
@@ -1608 +1664 @@ None
-  * [AWS CLI 2.27.42 Command Reference](../../index.html) »
+  * [AWS CLI 2.27.45 Command Reference](../../index.html) »